• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 504
  • Last Modified:

Intermittant VPN problems (and ping failures for packets >1380 bytes)

Hopefully someone can help me with this problem.
I have the following setup:

VPN Server is a Netcomm NB3200 Router, connected via ADSL to the internet (IP Address

VPN Client is a Windows XP Pro (SP2) Workstation also connected via ADSL to the internet through a Netcomm NB1300 Plus 4 Modem. For the VPN Client, I'm using Netcomm's VPN client (which establishes an IPSec Tunnell).

I have no problems establishing a VPN tunnell, or doing basic work across the tunnell.

A ping between the sites across the VPN responds in (generally) under 100ms.

I have had intermittant problems recently where applications requiring reasonable amounts of data to be transferred across the VPN hang.

During my investigations, I found that if I ping a larger packet (i.e. ping -L 1390), this always fails.
If I ping a slightly smaller packet (ping -L 1370), it always responds.
Nb. I have NOT set the -f flag!

Pings from other sites (with other workstations) get through even at the larger packet size (say 1400), leading me to think it's either the workstation or the local router (unfortunately there are no other workstations at the site, so I can't test another PC).

Other sites can connect (and ping) fine even at the larger packet size.

Does anyone know what could be causing the problem?

Cheers, Marcus.
  • 2
1 Solution
mjh0Author Commented:
thanks - I reduced the MTU size on the local router (attached to the workstation), and that appears to have done the trick :-)

From reading the info in the links, the PPPoE adds around 8 bytes - any idea what an IPSec VPN tunnell adds to each packet (just out of interest)?
Glad to help!
I don't think that the IPSEC actually adds any overhead. The packets will be fragmented before encryption if necessary.

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now